Re: maximum ipv4 bgp prefix length of /24 ?

[Robert Blayzor via NANOG]

On 9/29/23 03:34, Mark Tinka wrote:

RAM is not the issue... it's FIB.

If you pay me for FIB slots, I'm happy to install /32's to your heart's 
content .



And convergence times to process all that extra noise...

The line in the sand has been drawn; just say no to >/24 ...

--
inoc.net!rblayzor
XMPP: rblayzor.AT.inoc.net
PGP:  https://pgp.inoc.net/rblayzor/

Re: maximum ipv4 bgp prefix length of /24 ?

[Robert Blayzor via NANOG]

Trolling NANOG on this subject?

Let me get my popcorn...

--
inoc.net!rblayzor
XMPP: rblayzor.AT.inoc.net
PGP:  https://pgp.inoc.net/rblayzor/


On 9/28/23 17:25, VOLKAN SALİH wrote:

hello,

I believe, ISPs should also allow ipv4 prefixes with length between 
/25-/27 instead of limiting maximum length to /24..

NY Verizon FIOS IPv6 routing issue

[Robert Blayzor via NANOG]

Any Verizon IP engineers lurking on this list that can contact me about 
a recurring and chronic IPv6 routing issue in the upstate NY Verizon 
FIOS network. Getting feedback from several customers that have valid 
IPv6 PD from FIOS but routing is broken 2-3 hops out in Verizons 
network. This is causing major service issues with anyone that has IPv6 
enabled.


Happy to provide details or work the proper channels; if only you could 
easily find that information...


--
inoc.net!rblayzor
Email: rblayzor.AT.inoc.net
PGP:  https://pgp.inoc.net/rblayzor/

VM hosting with full BGP feed

[Robert Blayzor via NANOG]

Looking for a VPS that can do a FreeBSD VM/Jail and can provide a full 
BGP route view.


Anyone know of some place that would do this? Please contact me off 
list, thank yuou.


--
inoc.net!rblayzor
XMPP: rblayzor.AT.inoc.net
PGP:  https://pgp.inoc.net/rblayzor/

Re: FCC chairwoman: Fines alone aren't enough (Robocalls)

[Robert Blayzor via NANOG]

On 10/4/22 09:19, Mike Hammett wrote:
Sorta like in the IP world, if everyone did BCP38/84, amplification 
attacks wouldn't exist. Not everyone does, so...



Wouldn't exist? Maybe only in part, BCP38/84 does nothing for a majority 
of DDoS amp attacks. Most traffic is coming from legit/botted sources.


--
inoc.net!rblayzor
XMPP: rblayzor.AT.inoc.net
PGP:  https://pgp.inoc.net/rblayzor/

Re: Aftermarket switches that were manufactured in any sort of quantity?

[Robert Blayzor via NANOG]

On 6/9/22 15:07, Saku Ytti wrote:

They're not really particularly cheap, they are 'market rate', you can
get 'market rate' from multiple suppliers, directly from manufacturers
too. They are only cheaper than most EU+US resellers, that's about it.



Are they "cheap" or is everyone else just "overpriced". ?  Thats the 
real question. Of course it all comes down what you're willing to pay 
for it.


--
inoc.net!rblayzor
XMPP: rblayzor.AT.inoc.net
PGP:  https://pgp.inoc.net/rblayzor/

Cogent RPKI invalid filtering

[Robert Blayzor via NANOG]

According to Cloudflares isbgpsafeyet.com, Cogent has been considered 
"safe" and is filtering invalids.


But I have found that to be untrue (mostly). It appears that some days 
they filter IPv4, sometimes not, and IPv6 invalids are always coming 
through. I know it's Cogent, but curious as to what others are seeing.




invalid.rpki.cloudflare.com has address 103.21.244.15
invalid.rpki.cloudflare.com has address 103.21.244.14
invalid.rpki.cloudflare.com has IPv6 address 2606:4700:7000::6715:f40e
invalid.rpki.cloudflare.com has IPv6 address 2606:4700:7000::6715:f40f



BGP routing table entry for 103.21.244.0/24
  174 13335, (aggregated by 13335 172.69.172.1)
  Origin IGP, metric 83040, localpref 100, valid, external, best, 
group-best, import-candidate

  Community: 174:21101 174:22012


BGP routing table entry for 2606:4700:7000::/48
  174 13335, (aggregated by 13335 172.69.172.1)
2001:550:2f01:: from 2001:550:2f01:: (66.28.1.115)
  Origin IGP, metric 83040, localpref 100, valid, external, best, 
group-best, import-candidate

  Received Path ID 0, Local Path ID 1, version 1272502628
  Community: 174:21101 174:22012


--
inoc.net!rblayzor
XMPP: rblayzor.AT.inoc.net
PGP:  https://pgp.inoc.net/rblayzor/

Re: Submitting Fake Geolocation for blocks to Data Brokers and RIRs

[Robert Blayzor via NANOG]

On 4/22/2021 9:30 AM, Tom Beecher wrote:
While I agree with the overall sentiment of your message, I am curious ; 
have there been any instances where an internet provider has been found 
liable (criminally or civilly) for willfully misrepresenting IP 
geolocation information?


How could there be? Isn't geolocation data just a "best guess" where the 
endpoint may be? Technically you could route an IP (at least a /24) 
almost anywhere. What about anycast prefixes?

Re: OOB management options @ 60 Hudson & 1 Summer

[Robert Blayzor via NANOG]

On 4/15/21 6:14 PM, Matthew Crocker wrote:

I’m in DR space @ 60 Hudson and the Markeley MMR @ 1 Summer




I'm in both locations as well. We have a 10MB static IP connection for 
them and I think it's like $50/mo. Depends on how "out of band" you want 
it to be.


I also think Markley @ 1 summer offers something similar.

--
inoc.net!rblayzor
XMPP: rblayzor.AT.inoc.net
PGP:  https://pgp.inoc.net/rblayzor/

Re: Zayo or HE for IP transit

[Robert Blayzor via NANOG]

On 4/19/21 5:30 PM, James Lumby wrote:
What is the current experience with Zayo or HE?  I’m looking at possibly 
adding one of them into a mix of cogent and a mix from my datacenter.  
Would be using BGP full routes.  Any experiences would be appreciated.



Well AFAIK Zayo is not filtering invalid ROA's from their network. So if 
tht matters to you, take that into consideration.


--
inoc.net!rblayzor
XMPP: rblayzor.AT.inoc.net
PGP:  https://pgp.inoc.net/rblayzor/

Re: Programmable SFP+ Transcievers

[Robert Blayzor via NANOG]

On Jan 18, 2016, at 2:02 PM, Colton Conor  wrote:
> 
> What options are out there for re-programmable SFP and SFP+ transceivers?
> So far I have found both
> https://www.flexoptix.net/en/flexbox-v3-transceiver-programmer.html and
> http://solid-optics.com/tools/multi-fiber-tool/so-multi-fiber-tool-id1768.html
> Is there anything else out there? Any opinions on these two companies?
> 
> 
> I believe they both require you to use their SFPs in order to program them,
> but I could be wrong.


Another choice out there as well. I’ve not yet tried their SmartCoder, but have 
been using their transceivers for years. They have been great.

http://integraoptics.com/SmartCoder.html


--
Robert
inoc.net!rblayzor
XMPP: rblayzor.AT.inoc.net
PGP Key: 78BEDCE1 @ pgp.mit.edu

Re: Level3 routing issues

[Robert Blayzor via NANOG]

On Jul 28, 2015, at 8:54 PM, Matt Hoppes mhop...@indigowireless.com wrote:
 
 Is anyone seeing packet loss or routing issues on the Level3 network on the 
 east coast right now?
 
 


We’ve seen a slew of problems going west out of Level3 in NYC the last couple 
of nights. Last night was particularly bad to the point we had to shut our 
Level3 BGP sessions down to route around the issue. 

--
Robert
inoc.net!rblayzor
Jabber: rblayzor.AT.inoc.net
PGP Key: 78BEDCE1 @ pgp.mit.edu

Re: Anycast provider for SMTP?

[Robert Blayzor via NANOG]

On Jun 15, 2015, at 1:50 PM, Joe Hamelin j...@nethead.com wrote:
 
 I have a mail system where there are two MX hosts, one in the US and one in
 Europe.  Both have a DNS MX record metric of 10 so a bastardized
 round-robin takes place.  This does not work so well when one site goes
 down.   My solution will be to place a load balancer in a hosting site
 (virtual, of course) and have it provide HA.  But what about HA for the
 LB?  At first glance anycasting would seem to be a great idea but there is
 a problem of broken sessions when routes change.
 
 Have any of you seen something like this work in the wild?


F5 GTM? Depending on what your DNS volume is you could probably get away with a 
couple of virtual appliances…

--
Robert
inoc.net!rblayzor
Jabber: rblayzor.AT.inoc.net
PGP Key: 78BEDCE1 @ pgp.mit.edu